CVE-2019-11631 (moodle)

Moodle 3.6.3 allows remote authenticated administrators to execute arbitrary PHP code via a ZIP archive, containing a theme_*.php file, to repository/repository_ajax.php?action=upload and admin/tool/installaddon/index.php.
Source: NIST
CVE-2019-11631 (moodle)